Vulnerabilities > AMD > Ryzen Threadripper PRO 5965Wx Firmware

DATE CVE VULNERABILITY TITLE RISK
2022-05-12 CVE-2021-26351 Improper Input Validation vulnerability in AMD products
Insufficient DRAM address validation in System Management Unit (SMU) may result in a DMA (Direct Memory Access) read/write from/to invalid DRAM address that could result in denial of service.
local
low complexity
amd CWE-20
5.5
2022-05-12 CVE-2021-26366 Unspecified vulnerability in AMD products
An attacker, who gained elevated privileges via some other vulnerability, may be able to read data from Boot ROM resulting in a loss of system integrity.
local
low complexity
amd
7.1
2022-05-11 CVE-2021-26339 Unspecified vulnerability in AMD products
A bug in AMD CPU’s core logic may allow for an attacker, using specific code from an unprivileged VM, to trigger a CPU core hang resulting in a potential denial of service.
local
low complexity
amd
5.5
2022-05-11 CVE-2021-26373 Improper Input Validation vulnerability in AMD products
Insufficient bound checks in the System Management Unit (SMU) may result in a system voltage malfunction that could result in denial of resources and/or possibly denial of service.
local
low complexity
amd CWE-20
5.5
2022-05-11 CVE-2021-26375 Unspecified vulnerability in AMD products
Insufficient General Purpose IO (GPIO) bounds check in System Management Unit (SMU) may result in access/updates from/to invalid address space that could result in denial of service.
local
low complexity
amd
5.5
2022-05-11 CVE-2021-26376 Unspecified vulnerability in AMD products
Insufficient checks in System Management Unit (SMU) FeatureConfig may result in reenabling features potentially resulting in denial of resources and/or denial of service.
local
low complexity
amd
5.5
2022-05-11 CVE-2021-26378 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in AMD products
Insufficient bound checks in the System Management Unit (SMU) may result in access to an invalid address space that could result in denial of service.
local
low complexity
amd CWE-119
5.5
2022-05-11 CVE-2021-26388 Out-of-bounds Read vulnerability in AMD products
Improper validation of the BIOS directory may allow for searches to read beyond the directory table copy in RAM, exposing out of bounds memory contents, resulting in a potential denial of service.
local
low complexity
amd CWE-125
5.5
2022-05-10 CVE-2021-26352 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in AMD products
Insufficient bound checks in System Management Unit (SMU) PCIe Hot Plug table may result in access/updates from/to invalid address space that could result in denial of service.
local
low complexity
amd CWE-119
5.5
2022-05-10 CVE-2021-26390 Unspecified vulnerability in AMD products
A malicious or compromised UApp or ABL may coerce the bootloader into corrupting arbitrary memory potentially leading to loss of integrity of data.
local
low complexity
amd
6.2